<img src="https://secure.leadforensics.com/69529.png" style="display:none;"> Apogee IT Services
Blog  |  FAQ
  • Apogee Aim Higher Website header
    What's going on in IT.

What You Need to Know About Cryptojacking: The Newest Cybersecurity Threat

Posted on March 21, 2019
  
cryptojacking

Cryptocurrency entered the international stage in November 2008. An anonymous person or group, named Satoshi Nakamoto, authored a whitepaper introducing Bitcoin, a decentralized, peer-to-peer digital currency that would revolutionize the way people made monetary transactions.

The currency debuted the following January, opening with no value. Bitcoin failed to register a price until 2010, when it peaked at a whopping 39 cents. It stumbled early, but quickly gained momentum, reaching nearly $20,000 in 2017 before gradually leveling to its current value of approximately $4,000.

This digital money has no physical form. It’s “electricity converted into lines of code.” Owners keep their coins in virtual wallets, and complex encryption secures transactions. Multifaceted mathematical puzzles must be solved to prove transactions are legitimate. “Miners,” using expensive, power-absorbing hardware, race to solve these riddles for financial gains.

Bitcoin’s success resulted in the development of more cryptocurrencies and the birth of a new cybersecurity problem:  cryptojacking – for businesses.

It’s an attack cyberthieves use to take control of company computers to mine cryptocurrencies. It eliminates miners’ exorbitant energy consumption by placing it on businesses they infiltrate. Electricity used in mining Bitcoin is projected to top more than 7.5 gigawatts this year, a figure similar to the amount used by Austria in a year.

Phishing is a primary technique used by coin predators. Malicious links load cryptomining code onto machines, putting them in control of hackers. Websites or online ads with JavaScript code is another weapon. The code auto-executes once loaded into the victims’ browsers. These devious schemes happen unbeknownst to employees. A slowdown in a computer’s processing capabilities could be a hint to users that their machines might have been compromised. An increase in overheated CPU fans is another clue, and a large surge in monthly electricity costs should lead to investigating the problem.

Cryptojacking’s popularity among cybercriminals recently has soared. There was a 450 percent increase in attacks in 2018 – including an 8,500 percent upswing in the fourth quarter. The United States accounted for 62 percent of cryptomining traffic last year. Ransomware attacks, meanwhile, decreased by 45 percent. Cybercriminals are learning it’s more lucrative to mine cryptocurrency rather than demand a fraction of a virtual coin to decrypt a user’s workstation.

An IBM report found that 68 percent of cryptojacking breaches aren’t discovered for months after they occur. It’s an issue that isn’t going away, but there are procedures businesses can follow to lessen the possibility an attack happens. This includes:

  • Perform periodical risk evaluations to identify vulnerabilities.
  • Stay alert and analyze resources for unusual activity.
  • Investigate spikes in IT problems related to abnormal CPU performance.
  • Install plugins to block sites on your browser if you suspect cryptojacking is getting in via websites.
  • Regularly update all company devices and systems
  • Use an advanced cybersecurity solution that provides key characteristics such as detailed visibility of the activity on all endpoints.
  • Educate employees on how to recognize and avoid phishing emails.

So, remain alert and take caution. Don’t allow modern-day 49ers to deep-six your budgets by mining for electricity in your shallow revenue streams.

To discuss security strategy, email Security Analyst Frank Verdecchia at fverdecchia@apogeeits.com.

 


 

Apogee IT Services is Managed Service Provider with offices in Pittsburgh, PA, Boston, MA, and Toronto, ON. Apogee provides Managed IT Services to more than 300 businesses across the Northeast with a focus on legal, manufacturing, financial services, non-profit, and many other industries. Technology services include hosted cloud servicesproactive IT management, multi-layer security including data backup and disaster recovery, 24/7 monitoring and alerting, Help Desk and end-user support, network planning and design, and IT roadmapping, among others.

Tagged IT Security, Security, Security breach, Phishing, Security Threats, Cryptojacking, Cryptocurrency, Bitcoin

11 keys to network security

Clients in the US & Canada

apogee-sidebar-map-2

Learn More